I'm not sure it's doable without a major rewrite - it has to store each IV, which is five bytes (I think, according to a previous post). Either you'd have to mmap the file and do a huge number of seeks, or extract the IVs into some sort of hashing DB... whether that's possible I don't know.

What would be really nice would be some really REALLY high speed SDRAM cards in a CF format, a true RAM disk. Or solder some more RAM into your Z. (whoosh, off on a dream again. these Zs are *so* addictive for playing "what-if" ).

I don't normally have wep setup on my home AP since it's outside of my firewall and I like to share my wifi with my neighbors, etc.... but I wanted to see aircrack in action so I setup 128bit WEP on the AP and have my laptop connected to it (downloading ISOs). I've started wellenreiter and my stop watch to see about how long it would take to get 500,000 packets. I also have the capture file set on my SD card with about 600mb free, so it should have enough space

so after 6 hours and 15 minutes of wellenreiter running it captured 25,217 packets to a 2.2mb file. I was expecting the file to be much larger. I'm wondering if I did something wrong or didn't have some of the wellenreiter settings set up correctly.

either way, I had aircrack running for over an hour, and for some reason my 1000 went to sleep by itself. I've changed some settings in the light and power app to hopefully prevent it from going to sleep (unless I make it), and left the wifi on (in case the active network will keep it alive too). I'll see if it cracks the wep in the morning.

P.S. I'm impressed that I haven't had any memory issues so far with it

You could just use the Zaurus to create the capture files, then use aircrack on a normal desktop machine/laptop to actually break the wep key.

You'll need a fairly large chunk of data to get the WEP key broken, for a 128bit key then something like a gig of data may need to have passed over the WLAN in order for enough IV's to be captured to break the WEP key.

Also, using airodump and setting it to just store IV's will greatly reduce the data stored, you can then easily transfer this back to a desktop machine to run aircrack on it, etc

so after 6 hours and 15 minutes of wellenreiter running it captured 25,217 packets to a 2.2mb file. I was expecting the file to be much larger. I'm wondering if I did something wrong or didn't have some of the wellenreiter settings set up correctly.

Recommendations:

Aircrack-ptw: Using aircrack-ng, 64 bit wep needs around 400,000 IV's and 128 bit needs a cool million. That being said, you should try to use aircrack-ptw (can google it for info) which needs as less as 20,000-40,000 IVS to crack wep. Ive used it many times and is a great program. If using airodump to capture dont use the --ivs as aircrack-ptw need full capture file.

Injection: Most of the time, you will need to inject packets into the network to generate alot of IVS fast. You will need a wlan cf card capable of injection (AFAIK all prism2/prisim3 cf cards support it). U also need drivers supporting injection such as Hostap. Aireplay-ng is the tool i use to inject and replay packets. Attacks available for client-connected networks as well as client-less ones. I collect 40,000 Ivs in less than 10 minutes on my LifeBook P1510 (1 kg tablet) running backtrack.

I am buying a c1000 (still deciding on supplier) in a few days; if i manage to crack a wep network, i will post a little step-by-step how-to. Hope this helps.

so after 6 hours and 15 minutes of wellenreiter running it captured 25,217 packets to a 2.2mb file. I was expecting the file to be much larger. I'm wondering if I did something wrong or didn't have some of the wellenreiter settings set up correctly.

Recommendations:

Aircrack-ptw: Using aircrack-ng, 64 bit wep needs around 400,000 IV's and 128 bit needs a cool million. That being said, you should try to use aircrack-ptw (can google it for info) which needs as less as 20,000-40,000 IVS to crack wep. Ive used it many times and is a great program. If using airodump to capture dont use the --ivs as aircrack-ptw need full capture file.

Aircrack-ng 0.9.x has the PTW attack. I just broke my WEP key with under 30000 IVs using 0.9 on my Z.